At present there is a large volume of software for performing various online transactions. Many online transactions involve banking services and electronic money transfers. These transactions are typically performed via standard Internet browsers and separate banking clients (applications), which are especially popular on mobile platforms. Among other applications related to online transactions, electronic currency systems may serve as an example, such as WebMoney or PayPal, or online games which use their own system of micro-transactions during which the user purchases in-game objects or in-game currency with real funds (by using their credit card, for example).
With the growth of online payments, hackers have become very interested in this service sector and actively trying possible ways of intercepting the data of transactions for the purpose of unlawful (fraudulent) transfer of funds. In one example, the theft of such data may be done using malicious programs (or using phishing), which get onto the computers of the users (infecting them). Most often such programs may get onto the computers by infecting popular Internet browsers, intercept data being entered from data entry devices (such as a keyboard or mouse), or intercept data being sent on the network. For example, malicious programs infecting browsers gain access to the browser files and search through the browsing history and the passwords saved when visiting web pages. Data entry interceptors (keyloggers), for example, may intercept the entry of data from a keyboard or mouse, take photographs of the screen (screenshots) and hide their presence in the system using various rootkit technologies. Similar technologies may also be used to create interceptors of network packets (traffic sniffers), which intercept network packets as they are transmitted and extract valuable information from them, such as passwords and other personal data. It should be noted that an infection occurs most often due to vulnerabilities in the software, which makes it possible to carry out various exploits to penetrate the computer system and then install malicious software.
Existing antivirus technologies, such as the use of signature or heuristic analysis, methods of proactive protection or the use of lists of trusted applications (whitelists), may be able to detect some malicious programs on the computers of users, but may not always be able to determine their new modifications, the frequency of appearance of which may be growing on a daily basis. Thus, it is desirable to have robust solutions for safeguarding the programs that facilitate online payments by users.
Some existing software and hardware solutions introduce supplemental factors of authentication, such as the sending of a one-time password (OTP) to a mobile telephone of a user or via the use of hardware for user authentication. However, these solutions may also be vulnerable. One of the examples of harmful programs which can intercept OTPs may include the malicious program Zeus. Thus, improved solutions are needed in order to protect the user's data from being intercepted during an online transaction.